From 24b1c45db311b6efe10df00cdce5e101a561a48a Mon Sep 17 00:00:00 2001 From: Ben McClelland Date: Mon, 1 Sep 2025 19:17:25 -0700 Subject: [PATCH] cleanup: move debuglogger to top level for full project access The debuglogger should be a top level module since we expect all modules within the project to make use of this. If its hidden in s3api, then contributors are less likely to make use of this outside of s3api. --- auth/bucket_cors.go | 2 +- backend/posix/posix.go | 2 +- backend/scoutfs/scoutfs_compat.go | 3 +- cmd/versitygw/main.go | 8 +- {s3api/debuglogger => debuglogger}/logger.go | 5 + s3api/admin-router.go | 12 +- s3api/controllers/base.go | 10 +- s3api/controllers/base_test.go | 43 --- s3api/controllers/bucket-get.go | 2 +- s3api/controllers/bucket-list.go | 2 +- s3api/controllers/bucket-post.go | 2 +- s3api/controllers/bucket-put.go | 2 +- s3api/controllers/object-get.go | 2 +- s3api/controllers/object-head.go | 2 +- s3api/controllers/object-post.go | 2 +- s3api/controllers/object-put.go | 2 +- s3api/controllers/options.go | 2 +- s3api/middlewares/apply-bucket-cors.go | 2 +- s3api/middlewares/authentication.go | 6 +- s3api/middlewares/logger.go | 2 +- s3api/middlewares/presign-auth.go | 6 +- s3api/router.go | 380 +++++++++---------- s3api/router_test.go | 2 +- s3api/server.go | 11 +- s3api/utils/auth-reader.go | 11 +- s3api/utils/chunk-reader.go | 2 +- s3api/utils/presign-auth-reader.go | 11 +- s3api/utils/signed-chunk-reader.go | 2 +- s3api/utils/unsigned-chunk-reader.go | 2 +- s3api/utils/utils.go | 2 +- 30 files changed, 246 insertions(+), 296 deletions(-) rename {s3api/debuglogger => debuglogger}/logger.go (98%) diff --git a/auth/bucket_cors.go b/auth/bucket_cors.go index 97ec7e4..c29a5cc 100644 --- a/auth/bucket_cors.go +++ b/auth/bucket_cors.go @@ -21,7 +21,7 @@ import ( "regexp" "strings" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3err" ) diff --git a/backend/posix/posix.go b/backend/posix/posix.go index 5a0b753..0c75de9 100644 --- a/backend/posix/posix.go +++ b/backend/posix/posix.go @@ -39,7 +39,7 @@ import ( "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" "github.com/versity/versitygw/backend/meta" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3response" diff --git a/backend/scoutfs/scoutfs_compat.go b/backend/scoutfs/scoutfs_compat.go index f1298da..5f4ad8c 100644 --- a/backend/scoutfs/scoutfs_compat.go +++ b/backend/scoutfs/scoutfs_compat.go @@ -23,7 +23,7 @@ import ( "github.com/versity/scoutfs-go" "github.com/versity/versitygw/backend/meta" "github.com/versity/versitygw/backend/posix" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" ) func New(rootdir string, opts ScoutfsOpts) (*ScoutFS, error) { @@ -68,7 +68,6 @@ func moveData(from *os.File, to *os.File) error { return os.ErrInvalid } - // err = scoutfs.MoveData(from, to) if err != nil { debuglogger.Logf("ScoutFs MoveData failed: %v", err) diff --git a/cmd/versitygw/main.go b/cmd/versitygw/main.go index c38eb7f..5adde6c 100644 --- a/cmd/versitygw/main.go +++ b/cmd/versitygw/main.go @@ -29,6 +29,7 @@ import ( "github.com/urfave/cli/v2" "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/metrics" "github.com/versity/versitygw/s3api" "github.com/versity/versitygw/s3api/middlewares" @@ -639,9 +640,6 @@ func runGateway(ctx context.Context, be backend.Backend) error { } opts = append(opts, s3api.WithTLS(cert)) } - if debug { - opts = append(opts, s3api.WithDebug()) - } if admPort == "" { opts = append(opts, s3api.WithAdminServer()) } @@ -658,6 +656,10 @@ func runGateway(ctx context.Context, be backend.Backend) error { opts = append(opts, s3api.WithHostStyle(virtualDomain)) } + if debug { + debuglogger.SetDebugEnabled() + } + iam, err := auth.New(&auth.Opts{ RootAccount: auth.Account{ Access: rootUserAccess, diff --git a/s3api/debuglogger/logger.go b/debuglogger/logger.go similarity index 98% rename from s3api/debuglogger/logger.go rename to debuglogger/logger.go index defa905..e849856 100644 --- a/s3api/debuglogger/logger.go +++ b/debuglogger/logger.go @@ -91,6 +91,11 @@ func SetDebugEnabled() { debugEnabled.Store(true) } +// IsDebugEnabled returns true if debugging is enabled +func IsDebugEnabled() bool { + return debugEnabled.Load() +} + // Logf is the same as 'fmt.Printf' with debug prefix, // a color added and '\n' at the end func Logf(format string, v ...any) { diff --git a/s3api/admin-router.go b/s3api/admin-router.go index ca10b63..c6aeaa0 100644 --- a/s3api/admin-router.go +++ b/s3api/admin-router.go @@ -35,42 +35,42 @@ func (ar *S3AdminRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMSe // CreateUser admin api app.Patch("/create-user", controllers.ProcessHandlers(ctrl.CreateUser, metrics.ActionAdminCreateUser, services, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminCreateUser), )) // DeleteUsers admin api app.Patch("/delete-user", controllers.ProcessHandlers(ctrl.DeleteUser, metrics.ActionAdminDeleteUser, services, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminDeleteUser), )) // UpdateUser admin api app.Patch("/update-user", controllers.ProcessHandlers(ctrl.UpdateUser, metrics.ActionAdminUpdateUser, services, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminUpdateUser), )) // ListUsers admin api app.Patch("/list-users", controllers.ProcessHandlers(ctrl.ListUsers, metrics.ActionAdminListUsers, services, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminListUsers), )) // ChangeBucketOwner admin api app.Patch("/change-bucket-owner", controllers.ProcessHandlers(ctrl.ChangeBucketOwner, metrics.ActionAdminChangeBucketOwner, services, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminChangeBucketOwner), )) // ListBucketsAndOwners admin api app.Patch("/list-buckets", controllers.ProcessHandlers(ctrl.ListBuckets, metrics.ActionAdminListBuckets, services, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminListBuckets), )) } diff --git a/s3api/controllers/base.go b/s3api/controllers/base.go index 5364267..c56103c 100644 --- a/s3api/controllers/base.go +++ b/s3api/controllers/base.go @@ -23,8 +23,8 @@ import ( "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/metrics" - "github.com/versity/versitygw/s3api/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3event" @@ -37,7 +37,6 @@ type S3ApiController struct { logger s3log.AuditLogger evSender s3event.S3EventSender mm metrics.Manager - debug bool readonly bool } @@ -59,17 +58,12 @@ var ( xmlhdr = []byte(`` + "\n") ) -func New(be backend.Backend, iam auth.IAMService, logger s3log.AuditLogger, evs s3event.S3EventSender, mm metrics.Manager, debug bool, readonly bool) S3ApiController { - if debug { - debuglogger.SetDebugEnabled() - } - +func New(be backend.Backend, iam auth.IAMService, logger s3log.AuditLogger, evs s3event.S3EventSender, mm metrics.Manager, readonly bool) S3ApiController { return S3ApiController{ be: be, iam: iam, logger: logger, evSender: evs, - debug: debug, readonly: readonly, mm: mm, } diff --git a/s3api/controllers/base_test.go b/s3api/controllers/base_test.go index 4cdebd0..13b6aaa 100644 --- a/s3api/controllers/base_test.go +++ b/s3api/controllers/base_test.go @@ -30,7 +30,6 @@ import ( "github.com/stretchr/testify/assert" "github.com/valyala/fasthttp" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/backend" "github.com/versity/versitygw/metrics" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" @@ -160,48 +159,6 @@ func buildRequest(bucket, object string, body []byte, headers, queries map[strin return req } -func TestNew(t *testing.T) { - type args struct { - be backend.Backend - iam auth.IAMService - logger s3log.AuditLogger - evs s3event.S3EventSender - mm metrics.Manager - debug bool - readonly bool - } - tests := []struct { - name string - args args - want S3ApiController - }{ - { - name: "debug enabled", - args: args{ - debug: true, - }, - want: S3ApiController{ - debug: true, - }, - }, - { - name: "debug disabled", - args: args{ - debug: false, - }, - want: S3ApiController{ - debug: false, - }, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - got := New(tt.args.be, tt.args.iam, tt.args.logger, tt.args.evs, tt.args.mm, tt.args.debug, tt.args.readonly) - assert.Equal(t, got, tt.want) - }) - } -} - func TestS3ApiController_HandleErrorRoute(t *testing.T) { tests := []struct { name string diff --git a/s3api/controllers/bucket-get.go b/s3api/controllers/bucket-get.go index f504832..83645a5 100644 --- a/s3api/controllers/bucket-get.go +++ b/s3api/controllers/bucket-get.go @@ -21,7 +21,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3response" diff --git a/s3api/controllers/bucket-list.go b/s3api/controllers/bucket-list.go index 9da83bf..07cc9f8 100644 --- a/s3api/controllers/bucket-list.go +++ b/s3api/controllers/bucket-list.go @@ -19,7 +19,7 @@ import ( "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3response" diff --git a/s3api/controllers/bucket-post.go b/s3api/controllers/bucket-post.go index a78340e..bc692f4 100644 --- a/s3api/controllers/bucket-post.go +++ b/s3api/controllers/bucket-post.go @@ -22,7 +22,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3event" diff --git a/s3api/controllers/bucket-put.go b/s3api/controllers/bucket-put.go index d55315e..3ca0765 100644 --- a/s3api/controllers/bucket-put.go +++ b/s3api/controllers/bucket-put.go @@ -26,7 +26,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3response" diff --git a/s3api/controllers/object-get.go b/s3api/controllers/object-get.go index 6ed2d7e..d0c10b2 100644 --- a/s3api/controllers/object-get.go +++ b/s3api/controllers/object-get.go @@ -26,7 +26,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3response" diff --git a/s3api/controllers/object-head.go b/s3api/controllers/object-head.go index 80e648a..5648e49 100644 --- a/s3api/controllers/object-head.go +++ b/s3api/controllers/object-head.go @@ -23,7 +23,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" ) diff --git a/s3api/controllers/object-post.go b/s3api/controllers/object-post.go index 0244a9c..35614ef 100644 --- a/s3api/controllers/object-post.go +++ b/s3api/controllers/object-post.go @@ -24,7 +24,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3event" diff --git a/s3api/controllers/object-put.go b/s3api/controllers/object-put.go index d5afd40..ba9f644 100644 --- a/s3api/controllers/object-put.go +++ b/s3api/controllers/object-put.go @@ -27,7 +27,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3event" diff --git a/s3api/controllers/options.go b/s3api/controllers/options.go index e498da8..a50ae70 100644 --- a/s3api/controllers/options.go +++ b/s3api/controllers/options.go @@ -19,7 +19,7 @@ import ( "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3api/middlewares" "github.com/versity/versitygw/s3api/utils" "github.com/versity/versitygw/s3err" diff --git a/s3api/middlewares/apply-bucket-cors.go b/s3api/middlewares/apply-bucket-cors.go index 7f9aabe..48445fb 100644 --- a/s3api/middlewares/apply-bucket-cors.go +++ b/s3api/middlewares/apply-bucket-cors.go @@ -20,7 +20,7 @@ import ( "github.com/gofiber/fiber/v2" "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3err" ) diff --git a/s3api/middlewares/authentication.go b/s3api/middlewares/authentication.go index 007a30a..a52c171 100644 --- a/s3api/middlewares/authentication.go +++ b/s3api/middlewares/authentication.go @@ -39,7 +39,7 @@ type RootUserConfig struct { Secret string } -func VerifyV4Signature(root RootUserConfig, iam auth.IAMService, region string, debug bool) fiber.Handler { +func VerifyV4Signature(root RootUserConfig, iam auth.IAMService, region string) fiber.Handler { acct := accounts{root: root, iam: iam} return func(ctx *fiber.Ctx) error { @@ -123,7 +123,7 @@ func VerifyV4Signature(root RootUserConfig, iam auth.IAMService, region string, // until end of stream due to need to get length and // checksum of the stream to validate authorization wrapBodyReader(ctx, func(r io.Reader) io.Reader { - return utils.NewAuthReader(ctx, r, authData, account.Secret, debug) + return utils.NewAuthReader(ctx, r, authData, account.Secret) }) // wrap the io.Reader with ChunkReader if x-amz-content-sha256 @@ -166,7 +166,7 @@ func VerifyV4Signature(root RootUserConfig, iam auth.IAMService, region string, } } - err = utils.CheckValidSignature(ctx, authData, account.Secret, hashPayload, tdate, contentLength, debug) + err = utils.CheckValidSignature(ctx, authData, account.Secret, hashPayload, tdate, contentLength) if err != nil { return err } diff --git a/s3api/middlewares/logger.go b/s3api/middlewares/logger.go index 98cdb90..b2b84fd 100644 --- a/s3api/middlewares/logger.go +++ b/s3api/middlewares/logger.go @@ -16,7 +16,7 @@ package middlewares import ( "github.com/gofiber/fiber/v2" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" ) func DebugLogger() fiber.Handler { diff --git a/s3api/middlewares/presign-auth.go b/s3api/middlewares/presign-auth.go index e872c5d..13a0fb2 100644 --- a/s3api/middlewares/presign-auth.go +++ b/s3api/middlewares/presign-auth.go @@ -24,7 +24,7 @@ import ( "github.com/versity/versitygw/s3err" ) -func VerifyPresignedV4Signature(root RootUserConfig, iam auth.IAMService, region string, debug bool) fiber.Handler { +func VerifyPresignedV4Signature(root RootUserConfig, iam auth.IAMService, region string) fiber.Handler { acct := accounts{root: root, iam: iam} return func(ctx *fiber.Ctx) error { @@ -77,13 +77,13 @@ func VerifyPresignedV4Signature(root RootUserConfig, iam auth.IAMService, region return s3err.GetAPIError(s3err.ErrEntityTooLarge) } wrapBodyReader(ctx, func(r io.Reader) io.Reader { - return utils.NewPresignedAuthReader(ctx, r, authData, account.Secret, debug) + return utils.NewPresignedAuthReader(ctx, r, authData, account.Secret) }) return nil } - err = utils.CheckPresignedSignature(ctx, authData, account.Secret, debug) + err = utils.CheckPresignedSignature(ctx, authData, account.Secret) if err != nil { return err } diff --git a/s3api/router.go b/s3api/router.go index 043c5f4..b84769d 100644 --- a/s3api/router.go +++ b/s3api/router.go @@ -30,8 +30,8 @@ type S3ApiRouter struct { WithAdmSrv bool } -func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMService, logger s3log.AuditLogger, aLogger s3log.AuditLogger, evs s3event.S3EventSender, mm metrics.Manager, debug bool, readonly bool, region string, root middlewares.RootUserConfig) { - ctrl := controllers.New(be, iam, logger, evs, mm, debug, readonly) +func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMService, logger s3log.AuditLogger, aLogger s3log.AuditLogger, evs s3event.S3EventSender, mm metrics.Manager, readonly bool, region string, root middlewares.RootUserConfig) { + ctrl := controllers.New(be, iam, logger, evs, mm, readonly) adminServices := &controllers.Services{ Logger: aLogger, } @@ -42,42 +42,42 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ // CreateUser admin api app.Patch("/create-user", controllers.ProcessHandlers(adminController.CreateUser, metrics.ActionAdminCreateUser, adminServices, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminCreateUser), )) // DeleteUsers admin api app.Patch("/delete-user", controllers.ProcessHandlers(adminController.DeleteUser, metrics.ActionAdminDeleteUser, adminServices, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminDeleteUser), )) // UpdateUser admin api app.Patch("/update-user", controllers.ProcessHandlers(adminController.UpdateUser, metrics.ActionAdminUpdateUser, adminServices, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminUpdateUser), )) // ListUsers admin api app.Patch("/list-users", controllers.ProcessHandlers(adminController.ListUsers, metrics.ActionAdminListUsers, adminServices, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminListUsers), )) // ChangeBucketOwner admin api app.Patch("/change-bucket-owner", controllers.ProcessHandlers(adminController.ChangeBucketOwner, metrics.ActionAdminChangeBucketOwner, adminServices, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminChangeBucketOwner), )) // ListBucketsAndOwners admin api app.Patch("/list-buckets", controllers.ProcessHandlers(adminController.ListBuckets, metrics.ActionAdminListBuckets, adminServices, - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyV4Signature(root, iam, region), middlewares.IsAdmin(metrics.ActionAdminListBuckets), )) } @@ -95,8 +95,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ metrics.ActionListAllMyBuckets, services, middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListAllMyBuckets, "", auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), )) @@ -112,8 +112,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketTagging, auth.PutBucketTaggingAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), middlewares.ApplyBucketCORS(be), @@ -126,8 +126,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketOwnershipControls, auth.PutBucketOwnershipControlsAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -140,8 +140,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketVersioning, auth.PutBucketVersioningAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -154,8 +154,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutObjectLockConfiguration, auth.PutBucketObjectLockConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -168,8 +168,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketCors, auth.PutBucketCorsAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -182,8 +182,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketPolicy, auth.PutBucketPolicyAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -196,8 +196,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketAcl, auth.PutBucketAclAction, auth.PermissionWriteAcp), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -210,8 +210,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketAnalyticsConfiguration, auth.PutAnalyticsConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -224,8 +224,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketEncryption, auth.PutEncryptionConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -238,8 +238,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketIntelligentTieringConfiguration, auth.PutIntelligentTieringConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -252,8 +252,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketInventoryConfiguration, auth.PutInventoryConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -266,8 +266,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketLifecycleConfiguration, auth.PutLifecycleConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -280,8 +280,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketLogging, auth.PutBucketLoggingAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -294,8 +294,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketRequestPayment, auth.PutBucketRequestPaymentAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -308,8 +308,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketMetricsConfiguration, auth.PutMetricsConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -322,8 +322,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketReplication, auth.PutReplicationConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -336,8 +336,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutPublicAccessBlock, auth.PutBucketPublicAccessBlockAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -350,8 +350,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketNotificationConfiguration, auth.PutBucketNotificationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -364,8 +364,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketAccelerateConfiguration, auth.PutAccelerateConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -378,8 +378,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutBucketWebsite, auth.PutBucketWebsiteAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -391,8 +391,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionCreateBucket, auth.CreateBucketAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), )) @@ -406,8 +406,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ middlewares.ApplyBucketCORS(be), middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionHeadBucket, auth.ListBucketAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -422,8 +422,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketTagging, auth.PutBucketTaggingAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -436,8 +436,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketOwnershipControls, auth.PutBucketOwnershipControlsAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -450,8 +450,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketPolicy, auth.PutBucketPolicyAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -464,8 +464,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketCors, auth.PutBucketCorsAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -478,8 +478,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketAnalyticsConfiguration, auth.PutAnalyticsConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -492,8 +492,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketEncryption, auth.PutEncryptionConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -506,8 +506,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketIntelligentTieringConfiguration, auth.PutIntelligentTieringConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -520,8 +520,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketInventoryConfiguration, auth.PutInventoryConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -534,8 +534,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketLifecycle, auth.PutLifecycleConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -548,8 +548,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketMetricsConfiguration, auth.PutMetricsConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -562,8 +562,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketReplication, auth.PutReplicationConfigurationAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -576,8 +576,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeletePublicAccessBlock, auth.PutBucketPublicAccessBlockAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -590,8 +590,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucketWebsite, auth.PutBucketWebsiteAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -603,8 +603,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteBucket, auth.DeleteBucketAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -619,8 +619,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketLocation, auth.GetBucketLocationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -634,8 +634,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketTagging, auth.GetBucketTaggingAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -648,8 +648,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketOwnershipControls, auth.GetBucketOwnershipControlsAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -662,8 +662,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketVersioning, auth.GetBucketVersioningAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -676,8 +676,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketPolicy, auth.GetBucketPolicyAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -690,8 +690,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketCors, auth.GetBucketCorsAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -704,8 +704,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetObjectLockConfiguration, auth.GetBucketObjectLockConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -718,8 +718,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketAcl, auth.GetBucketAclAction, auth.PermissionReadAcp), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -732,8 +732,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListMultipartUploads, auth.ListBucketMultipartUploadsAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -746,8 +746,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListObjectVersions, auth.ListBucketVersionsAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -760,8 +760,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketPolicyStatus, auth.GetBucketPolicyStatusAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -774,8 +774,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketAnalyticsConfiguration, auth.GetAnalyticsConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -788,8 +788,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListBucketAnalyticsConfigurations, auth.GetAnalyticsConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -802,8 +802,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketEncryption, auth.GetEncryptionConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -816,8 +816,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketIntelligentTieringConfiguration, auth.GetIntelligentTieringConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -830,8 +830,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListBucketIntelligentTieringConfigurations, auth.GetIntelligentTieringConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -844,8 +844,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketInventoryConfiguration, auth.GetInventoryConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -858,8 +858,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListBucketInventoryConfigurations, auth.GetInventoryConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -872,8 +872,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketLifecycleConfiguration, auth.GetLifecycleConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -886,8 +886,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketLogging, auth.GetBucketLoggingAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -900,8 +900,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketRequestPayment, auth.GetBucketRequestPaymentAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -914,8 +914,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketMetricsConfiguration, auth.GetMetricsConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -928,8 +928,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListBucketMetricsConfigurations, auth.GetMetricsConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -942,8 +942,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketReplication, auth.GetReplicationConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -956,8 +956,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetPublicAccessBlock, auth.GetBucketPublicAccessBlockAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -970,8 +970,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketNotificationConfiguration, auth.GetBucketNotificationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -984,8 +984,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketAccelerateConfiguration, auth.GetAccelerateConfigurationAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -998,8 +998,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetBucketWebsite, auth.GetBucketWebsiteAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ParseAcl(be), ), @@ -1012,8 +1012,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListObjectsV2, auth.ListBucketAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1025,8 +1025,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListObjects, auth.ListBucketAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1041,8 +1041,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteObjects, auth.DeleteObjectAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1056,8 +1056,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionHeadObject, auth.GetObjectAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1072,8 +1072,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetObjectTagging, auth.GetObjectTaggingAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1086,8 +1086,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetObjectRetention, auth.GetObjectRetentionAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1100,8 +1100,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetObjectLegalHold, auth.GetObjectLegalHoldAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1114,8 +1114,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetObjectAcl, auth.GetObjectAclAction, auth.PermissionReadAcp), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1128,8 +1128,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetObjectAttributes, auth.GetObjectAttributesAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1142,8 +1142,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionListParts, auth.ListMultipartUploadPartsAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1155,8 +1155,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionGetObject, auth.GetObjectAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1171,8 +1171,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteObjectTagging, auth.DeleteObjectTaggingAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1185,8 +1185,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionAbortMultipartUpload, auth.AbortMultipartUploadAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1198,8 +1198,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionDeleteObject, auth.DeleteObjectAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1213,8 +1213,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionRestoreObject, auth.RestoreObjectAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1228,8 +1228,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionSelectObjectContent, auth.GetObjectAction, auth.PermissionRead), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1242,8 +1242,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionCompleteMultipartUpload, auth.PutObjectAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1256,8 +1256,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionCreateMultipartUpload, auth.PutObjectAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1272,8 +1272,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutObjectTagging, auth.PutObjectTaggingAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1286,8 +1286,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutObjectRetention, auth.PutObjectRetentionAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1300,8 +1300,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutObjectLegalHold, auth.PutObjectLegalHoldAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1314,8 +1314,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutObjectAcl, auth.PutObjectAclAction, auth.PermissionWriteAcp), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1329,8 +1329,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionUploadPartCopy, auth.PutObjectAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1343,8 +1343,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionUploadPart, auth.PutObjectAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1369,8 +1369,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionCopyObject, auth.PutObjectAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), @@ -1382,8 +1382,8 @@ func (sa *S3ApiRouter) Init(app *fiber.App, be backend.Backend, iam auth.IAMServ services, middlewares.BucketObjectNameValidator(), middlewares.AuthorizePublicBucketAccess(be, metrics.ActionPutObject, auth.PutObjectAction, auth.PermissionWrite), - middlewares.VerifyPresignedV4Signature(root, iam, region, debug), - middlewares.VerifyV4Signature(root, iam, region, debug), + middlewares.VerifyPresignedV4Signature(root, iam, region), + middlewares.VerifyV4Signature(root, iam, region), middlewares.VerifyMD5Body(), middlewares.ApplyBucketCORS(be), middlewares.ParseAcl(be), diff --git a/s3api/router_test.go b/s3api/router_test.go index d4ca335..003a0e0 100644 --- a/s3api/router_test.go +++ b/s3api/router_test.go @@ -46,7 +46,7 @@ func TestS3ApiRouter_Init(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - tt.sa.Init(tt.args.app, tt.args.be, tt.args.iam, nil, nil, nil, nil, false, false, "us-east-1", middlewares.RootUserConfig{}) + tt.sa.Init(tt.args.app, tt.args.be, tt.args.iam, nil, nil, nil, nil, false, "us-east-1", middlewares.RootUserConfig{}) }) } } diff --git a/s3api/server.go b/s3api/server.go index 8030b47..d1859bd 100644 --- a/s3api/server.go +++ b/s3api/server.go @@ -22,6 +22,7 @@ import ( "github.com/gofiber/fiber/v2/middleware/logger" "github.com/versity/versitygw/auth" "github.com/versity/versitygw/backend" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/metrics" "github.com/versity/versitygw/s3api/controllers" "github.com/versity/versitygw/s3api/middlewares" @@ -36,7 +37,6 @@ type S3ApiServer struct { port string cert *tls.Certificate quiet bool - debug bool readonly bool health string virtualDomain string @@ -91,11 +91,11 @@ func New( } // initialize the debug logger in debug mode - if server.debug { + if debuglogger.IsDebugEnabled() { app.Use(middlewares.DebugLogger()) } - server.router.Init(app, be, iam, l, adminLogger, evs, mm, server.debug, server.readonly, region, root) + server.router.Init(app, be, iam, l, adminLogger, evs, mm, server.readonly, region, root) return server, nil } @@ -113,11 +113,6 @@ func WithAdminServer() Option { return func(s *S3ApiServer) { s.router.WithAdmSrv = true } } -// WithDebug sets debug output -func WithDebug() Option { - return func(s *S3ApiServer) { s.debug = true } -} - // WithQuiet silences default logging output func WithQuiet() Option { return func(s *S3ApiServer) { s.quiet = true } diff --git a/s3api/utils/auth-reader.go b/s3api/utils/auth-reader.go index fed3d4c..9eaf328 100644 --- a/s3api/utils/auth-reader.go +++ b/s3api/utils/auth-reader.go @@ -27,6 +27,7 @@ import ( "github.com/aws/smithy-go/logging" "github.com/gofiber/fiber/v2" v4 "github.com/versity/versitygw/aws/signer/v4" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3err" ) @@ -45,14 +46,13 @@ type AuthReader struct { secret string size int r *HashReader - debug bool } // NewAuthReader initializes an io.Reader that will verify the request // v4 auth when the underlying reader returns io.EOF. This postpones the // authorization check until the reader is consumed. So it is important that // the consumer of this reader checks for the auth errors while reading. -func NewAuthReader(ctx *fiber.Ctx, r io.Reader, auth AuthData, secret string, debug bool) *AuthReader { +func NewAuthReader(ctx *fiber.Ctx, r io.Reader, auth AuthData, secret string) *AuthReader { var hr *HashReader hashPayload := ctx.Get("X-Amz-Content-Sha256") if !IsSpecialPayload(hashPayload) { @@ -66,7 +66,6 @@ func NewAuthReader(ctx *fiber.Ctx, r io.Reader, auth AuthData, secret string, de r: hr, auth: auth, secret: secret, - debug: debug, } } @@ -107,7 +106,7 @@ func (ar *AuthReader) validateSignature() error { return s3err.GetAPIError(s3err.ErrMalformedDate) } - return CheckValidSignature(ar.ctx, ar.auth, ar.secret, hashPayload, tdate, int64(ar.size), ar.debug) + return CheckValidSignature(ar.ctx, ar.auth, ar.secret, hashPayload, tdate, int64(ar.size)) } const ( @@ -115,7 +114,7 @@ const ( ) // CheckValidSignature validates the ctx v4 auth signature -func CheckValidSignature(ctx *fiber.Ctx, auth AuthData, secret, checksum string, tdate time.Time, contentLen int64, debug bool) error { +func CheckValidSignature(ctx *fiber.Ctx, auth AuthData, secret, checksum string, tdate time.Time, contentLen int64) error { signedHdrs := strings.Split(auth.SignedHeaders, ";") // Create a new http request instance from fasthttp request @@ -134,7 +133,7 @@ func CheckValidSignature(ctx *fiber.Ctx, auth AuthData, secret, checksum string, req, checksum, service, auth.Region, tdate, signedHdrs, func(options *v4.SignerOptions) { options.DisableURIPathEscaping = true - if debug { + if debuglogger.IsDebugEnabled() { options.LogSigning = true options.Logger = logging.NewStandardLogger(os.Stderr) } diff --git a/s3api/utils/chunk-reader.go b/s3api/utils/chunk-reader.go index 7af15f7..19625ff 100644 --- a/s3api/utils/chunk-reader.go +++ b/s3api/utils/chunk-reader.go @@ -24,7 +24,7 @@ import ( "time" "github.com/gofiber/fiber/v2" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3err" ) diff --git a/s3api/utils/presign-auth-reader.go b/s3api/utils/presign-auth-reader.go index e2531e9..ce18b51 100644 --- a/s3api/utils/presign-auth-reader.go +++ b/s3api/utils/presign-auth-reader.go @@ -29,6 +29,7 @@ import ( v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" "github.com/aws/smithy-go/logging" "github.com/gofiber/fiber/v2" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3err" ) @@ -45,16 +46,14 @@ type PresignedAuthReader struct { auth AuthData secret string r io.Reader - debug bool } -func NewPresignedAuthReader(ctx *fiber.Ctx, r io.Reader, auth AuthData, secret string, debug bool) *PresignedAuthReader { +func NewPresignedAuthReader(ctx *fiber.Ctx, r io.Reader, auth AuthData, secret string) *PresignedAuthReader { return &PresignedAuthReader{ ctx: ctx, r: r, auth: auth, secret: secret, - debug: debug, } } @@ -63,7 +62,7 @@ func (pr *PresignedAuthReader) Read(p []byte) (int, error) { n, err := pr.r.Read(p) if errors.Is(err, io.EOF) { - cerr := CheckPresignedSignature(pr.ctx, pr.auth, pr.secret, pr.debug) + cerr := CheckPresignedSignature(pr.ctx, pr.auth, pr.secret) if cerr != nil { return n, cerr } @@ -73,7 +72,7 @@ func (pr *PresignedAuthReader) Read(p []byte) (int, error) { } // CheckPresignedSignature validates presigned request signature -func CheckPresignedSignature(ctx *fiber.Ctx, auth AuthData, secret string, debug bool) error { +func CheckPresignedSignature(ctx *fiber.Ctx, auth AuthData, secret string) error { signedHdrs := strings.Split(auth.SignedHeaders, ";") var contentLength int64 @@ -100,7 +99,7 @@ func CheckPresignedSignature(ctx *fiber.Ctx, auth AuthData, secret string, debug SecretAccessKey: secret, }, req, unsignedPayload, service, auth.Region, date, func(options *v4.SignerOptions) { options.DisableURIPathEscaping = true - if debug { + if debuglogger.IsDebugEnabled() { options.LogSigning = true options.Logger = logging.NewStandardLogger(os.Stderr) } diff --git a/s3api/utils/signed-chunk-reader.go b/s3api/utils/signed-chunk-reader.go index feb31d0..3b3f2bb 100644 --- a/s3api/utils/signed-chunk-reader.go +++ b/s3api/utils/signed-chunk-reader.go @@ -31,7 +31,7 @@ import ( "time" "github.com/aws/aws-sdk-go-v2/service/s3/types" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3err" ) diff --git a/s3api/utils/unsigned-chunk-reader.go b/s3api/utils/unsigned-chunk-reader.go index 3b14feb..bf9d5f9 100644 --- a/s3api/utils/unsigned-chunk-reader.go +++ b/s3api/utils/unsigned-chunk-reader.go @@ -30,7 +30,7 @@ import ( "strconv" "strings" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" ) var ( diff --git a/s3api/utils/utils.go b/s3api/utils/utils.go index 44aa23c..01240a5 100644 --- a/s3api/utils/utils.go +++ b/s3api/utils/utils.go @@ -31,7 +31,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/gofiber/fiber/v2" "github.com/valyala/fasthttp" - "github.com/versity/versitygw/s3api/debuglogger" + "github.com/versity/versitygw/debuglogger" "github.com/versity/versitygw/s3err" "github.com/versity/versitygw/s3response" )